NOTE: Debian Buster uses the nftables framework by default.
Starting with Debian Buster, nf_tables is the default backend when using iptables, by means of the iptables-nft layer (i.e., using iptables syntax with the nf_tables kernel subsystem). This also affects ip6tables, arptables and ebtables.
In Red Hat Enterprise Linux 8 the preferred low level firewall solution is nftables. This post is an introduction to using nftables. This is most relevant for system administrators and DevOps practitioners. Where it makes sense we will highlight differences between nftables and its predecessor iptables.
Hey @dngray. We talked elsewhere, so I won't repeat it all here. The tl;dr, for anyone interested, is that this would be too big a change for too little gain, so that is unlikely to happen. Closing for now.
It seems that nftables is certainly going to be the future.
I think this could drastically simplify things too, especially when considering IPv6 support #10
Should also be noted that a couple of major distributions are now using nftables by default:
Debian 10 https://wiki.debian.org/nftables
RHEL 8 https://www.redhat.com/en/blog/using-nftables-red-hat-enterprise-linux-8
Fedora 32 Looking At Switching Firewalld From Iptables To Nftables (Phoronix)
More information can be found at nftables (archwiki) and nftables (gentoo). Seems to be available for Alpine Linux too.